Trust No Program

Block Drivers


This feature has been deprecated in SBIE version 4.+ and up. It is not longer supported.

BlockDrivers is a sandbox setting in Sandboxie Ini. It specifies whether Sandboxie will allow sandboxed programs to load drivers into the operating system. However, this setting does not govern the installation of new drivers -- see more below.

Usage:

   .
   .
   .
   [DefaultBox]
   BlockDrivers=n
			

Specifying n indicates that a sandboxed program may load drivers into the operating system. If this is not done, Sandboxie will deny the driver load attempt, and instead issue message SBIE2103.

Note: Disabling the protection afforded by BlockDrivers is not recommended.

Driver Installation

Before a driver can be loaded, it must first be installed. Driver installation is not affected by the BlockDrivers setting. To allow driver installation, you should add the following OpenKeyPath setting:

   OpenKeyPath=HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
			

And you should additionally open the driver file, using OpenFilePath. This is needed because the driver path that will be set in the registry (in a key created below CurrentControlSet\Services) will typically not point inside the sandbox.

   OpenFilePath=c:\program files\MyNewSoftware\SoftwareDriver.sys
			

Note: Allowing sandboxed programs to install drivers is not recommended.

Related Sandboxie Control setting: Sandbox Settings > Restrictions > Low-Level Access

Jump to
Sandboxie Ini
setting:


Global Settings:

ByteOrderMark

AlertProcess

ForceDisableSeconds
ForceDisableAdminOnly

EditAdminOnly
EditPassword
MonitorAdminOnly

ActivationPrompt


Enabled

FileRootPath
IpcRootPath
KeyRootPath

AutoDelete
NeverDelete
DeleteCommand

AutoRecover
AutoRecoverIgnore
RecoverFolder

AutoExec

BoxNameTitle
BorderColor
Description

CopyLimitKb
CopyLimitSilent

ForceFolder
ForceProcess
LingerProcess
LeaderProcess

NotifyInternetAccessDenied
NotifyStartRunAccessDenied

BlockDrivers
BlockFakeInput
BlockPassword
BlockSysParam
BlockWinHooks

BlockPort

DropAdminRights

OpenFilePath
OpenPipePath
ReadFilePath
WriteFilePath
ClosedFilePath

OpenKeyPath
ReadKeyPath
WriteKeyPath
ClosedKeyPath

OpenIpcPath
ClosedIpcPath

OpenWinClass
OpenClsid
OpenProtectedStorage
OpenCredentials

InjectDll
InjectDll64

ProcessLimit1
ProcessLimit2


See also:

Expandable VariablesShell FoldersProgram Name PrefixDeprecated Settings

Top

Sandboxie is Copyright © 2004-2019 by Sandboxie Holdings, LLC.  All rights reserved.
Sandboxie.com | Contact Author